|
PGP Freeware 8.0.3 (Freeware) When compared to some other platforms, the Mac does pretty well in terms of security. Sure, one can argue that there are less exploits for the Mac, perhaps due to its relatively small market share, but this doesn't excuse the sheer number of Windows exploits out there. Still, simply using a Mac won't guarantee total security. There are always ways to break into a machine, then there's the issue of physical security. If someone runs off with your computer or hard drive, your choice of platform won't really matter. Panther users can get a taste of system level encryption with the FileVault feature, but there are those who may want more control over how to encrypt their files. Fortunately, the good folks at PGP Corporation have kept up with the times, and continued to update their product since we last examined their stuff in 1999. PGP Freeware performs two main tasks: helping manage your keys, and offering a way to encrypt, decrypt, sign and verify files. The whole concept of encryption involves using numeric "keys" to lock and unlock files. Some systems using a single key to both encrypt and decrypt a file. The problem with this type of system is that the key must be exchanged securely. If it is discovered, the system can be broken. A newer type of system, called public key cryptography, has two keys for each user, a "public" and "private" key. Information is encrypted with the public key, and decrypted with the private. The cool part is that, unlike the single-key system, a public key can be given out freely, since knowing the public key doesn't give an attacker the ability to decrypt messages.
The first step in using PGP is to create your keys. Key length is measured in bits, with the general rule being that the more bits provide better security, but slower performance. We selected a 4096-bit Diffie-Hellman/DSS type of key. Your key is tied to a "passphrase" which is essentially a password. Use a bit of common sense when choosing this passphrase; make sure it isn't something easily guessed, or a word that can easily be found in the dictionary -- if someone figures out your passphrase, they can get at your key -- but don't make the password so complex that you won't remember it. Once you create your keys, you can use the PGPkeys application to do a few things. One is to send them to a remote key server, so that others can find you. You can also export your key, and only give it to those you choose.
Once your keys are in order, you'll probably want to encrypt and decrypt some messages. The PGPmail application provides a graphic interface to operations you'll most likely be using when dealing with files and mail. The first operation is Encrypt, which will scramble a file so that only the intended recipients can read it. Be sure that you include yourself as a recipient if you'd like to open the encrypted file! Another operation that you can perform on a file is Sign. Whereas encryption scrambles the contents, signing helps verify that the contents of a file haven't been tampered with. Therefore, if a file that has been signed, and then had its signature verified, one can be sure that the contents are the same as the original. You can combine Encrypt & Sign, as well as use Decrypt/Verify to unscramble a file. There's also Wipe, which will securely delete a file so it can't be recovered. So make sure that your data and e-mail are protected from prying eyes, and give PGP Freeware a try today! Have any other Gadgets that make hard tasks simple? Let John know about it via e-mail, and he'll drop everything and check it out.
|
